docs/libvirt-howto: add faq & troubleshooting #297
Conversation
openshift-ci-robot
added
the
size/M
openshift-ci-robot
added
approved
Documentation/dev/libvirt-howto.md
Outdated
| @@ -1,33 +1,31 @@ | |||
| # Libvirt howto | |||
| # Libvirt HOWTO | |||
|
|
|||
| Tectonic has limited support for installing a Libvirt cluster. This is useful especially | |||
There was a problem hiding this comment.
Are we ok with dropping "limited" now?
There was a problem hiding this comment.
We could say that we support libvirt on Linux
Documentation/dev/libvirt-howto.md
Outdated
|
|
||
| *By default, the installer will download the latest RHCOS image every time it is invoked. This may be problematic for users who create a large number of clusters or who have limited network bandwidth. The installer allows a local image to be used instead.* | ||
|
|
||
| Download the latest RHCOS image (you will need access to the Red Hat internal build systems): | ||
|
|
||
| ```sh | ||
| wget http://aos-ostree.rhev-ci-vms.eng.rdu2.redhat.com/rhcos/images/cloud/latest/rhcos-qemu.qcow2.gz | ||
| gunzip rhcos-qemu.qcow2.gz | ||
| curl http://aos-ostree.rhev-ci-vms.eng.rdu2.redhat.com/rhcos/images/cloud/latest/rhcos-qemu.qcow2.gz | gunzip > rhcos-qemu.qcow2.gz |
There was a problem hiding this comment.
You want to drop the .gz suffix from the final filename.
You also want a single space before the pipe (you currently have two).
Documentation/dev/libvirt-howto.md
Outdated
|
|
||
| For this example: | ||
|
|
||
| ```sh echo server=/tt.testing/192.168.124.1 | sudo tee /etc/NetworkManager/dnsmasq.d/tectonic.conf ``` |
There was a problem hiding this comment.
This doesn't render correctly (you can see the sh). What you want is a traditional fenced block with four-space indents:
Tell dnsmasq...
For this example:
echo server=/tt.testing/192.168.124.1 | sudo tee /etc/NetworkManager/dnsmasq.d/tectonic.conf
There was a problem hiding this comment.
Ah, I misread that command to invoke sh, thanks!
Documentation/dev/libvirt-howto.md
Outdated
| 1. We need to manually remap ports that the loadbalancer would | ||
| 2. Only the first server (e.g. master) is actually used. If you want to reach another, you have to manually update the domain name. | ||
|
|
||
| ## Troubleshooting | ||
| If following the above steps hasn't quite worked please review this section for well known issues. |
There was a problem hiding this comment.
"... hasn't quite worked, please..." (with a comma).
Documentation/dev/libvirt-howto.md
Outdated
|
|
||
| ### Github Issue Tracker | ||
| You might find other reports of your problem in the [Issues tab for this repository][issues_libvirt] where we ask you to provide any additional information. | ||
| If you're issue is not reported, please do. |
Documentation/dev/libvirt-howto.md
Outdated
|
|
||
| [bugzilla_libvirt_race]: https://bugzilla.redhat.com/show_bug.cgi?id=1576464 | ||
| [tfprovider_libvirt_race]: | ||
| https://github.com/dmacvicar/terraform-provider-libvirt/issues/402#issuecomment-419500064 |
There was a problem hiding this comment.
nit: I'd rather have the URL on the same line as the reference, but GitHub seems to render this correctly, so I'm ok with you deciding to wrap it like this if you feel strongly ;).
Documentation/dev/libvirt-howto.md
Outdated
| [libvirt_selinux_issues]: https://github.com/dmacvicar/terraform-provider-libvirt/issues/142#issuecomment-409040151 | ||
| [brokenmacosissue201]: https://github.com/openshift/installer/issues/201 | ||
| [arch_firewall_superuser]:https://superuser.com/questions/1063240/libvirt-failed-to-initialize-a-valid-firewall-backend | ||
|
|
There was a problem hiding this comment.
Why the blank line?
nit: I like collating these entries by anchor (e.g. highlight them all and use sort-lines in Emacs ;), because then I don't have to think about where to insert new references.
There was a problem hiding this comment.
very helpful, thanks
|
Why are e2e tests running on this PR? It's entirely documentation. |
I had the same thought when I created this PR. @sallyom can you answer that? |
Documentation/dev/libvirt-howto.md
Outdated
|
|
||
| *By default, the installer will download the latest RHCOS image every time it is invoked. This may be problematic for users who create a large number of clusters or who have limited network bandwidth. The installer allows a local image to be used instead.* | ||
|
|
||
| Download the latest RHCOS image (you will need access to the Red Hat internal build systems): | ||
|
|
||
| ```sh | ||
| wget http://aos-ostree.rhev-ci-vms.eng.rdu2.redhat.com/rhcos/images/cloud/latest/rhcos-qemu.qcow2.gz | ||
| gunzip rhcos-qemu.qcow2.gz | ||
| curl http://aos-ostree.rhev-ci-vms.eng.rdu2.redhat.com/rhcos/images/cloud/latest/rhcos-qemu.qcow2.gz | gunzip > rhcos-qemu.qcow2 | ||
| ``` |
There was a problem hiding this comment.
There was a step in @sjenning first screencast instructing how to set enforcing=0 in the qcow image with virt-edit, if that's still necessary we should add that here.
There was a problem hiding this comment.
I was about to test it again with that image but the URL doesn't work anymore. Has it changed?
There was a problem hiding this comment.
works for me.. are you still on the vpn?
There was a problem hiding this comment.
I don't remember being on the VPN for getting that image. Is there a public mirror?
There was a problem hiding this comment.
Is there a public mirror?
No, although I don't know what the reasoning is.
There was a problem hiding this comment.
There was a step in @sjenning first screencast instructing how to set enforcing=0 in the qcow image with virt-edit, if that's still necessary we should add that here.
It is not necessary anymore
Documentation/dev/libvirt-howto.md
Outdated
|
|
||
| The Kubernetes [cluster-api](https://github.com/kubernetes-sigs/cluster-api) | ||
| components drive deployment of worker machines. The libvirt cluster-api | ||
| provider will run inside the local cluster, and will need to connect back to | ||
| the libvirt instance on the host machine to deploy workers. | ||
|
|
||
| In order for this to work, you'll need to enable TCP connections for libvirt. | ||
|
|
||
| ##### Configure libvirtd.conf |
There was a problem hiding this comment.
did you meant to be at level 4 instead of 5 here?
Documentation/dev/libvirt-howto.md
Outdated
| -j ACCEPT -m comment --comment "Allow insecure libvirt clients" | ||
| ``` | ||
|
|
||
| If your uncertain about the libvirt *default* subnet you should be able to see its address using the command ` | ||
| ip -4 a show dev virbr0`. |
There was a problem hiding this comment.
Another command to note would be $ virsh --connect qemu:///system net-dumpxml default to see how the default network has been configured
Documentation/dev/libvirt-howto.md
Outdated
| @@ -125,37 +133,40 @@ include the `--permanent` to the commands that add-source and add-port. | |||
| 6. Set the `pullSecret` to your JSON pull secret. | |||
| 7. (Optional) Change the `image` to the file URL of the operating system image you downloaded (e.g. `file:///home/user/Downloads/rhcos.qcow`). This will allow the installer to re-use that image instead of having to download it every time. | |||
There was a problem hiding this comment.
put my content from https://github.com/openshift/installer/pull/323/files in here please. it's all still entirely relevant.
|
can you add something about tearing down the cluster? |
Documentation/dev/libvirt-howto.md
Outdated
| @@ -123,39 +129,45 @@ include the `--permanent` to the commands that add-source and add-port. | |||
| 4. Set the `name` (e.g. test1) | |||
| 5. Look at the `podCIDR` and `serviceCIDR` fields in the `networking` section. Make sure they don't conflict with anything important. | |||
| 6. Set the `pullSecret` to your JSON pull secret. | |||
There was a problem hiding this comment.
needs doc on where to get this file. Also @derekwaynecarr showed me it's easier to point to a path than to try to inline the file:
pullSecretPath: "/home/bparees/git/gocode/src/github.com/openshift/installer/files/config.json"
There was a problem hiding this comment.
(the reason i say we need doc on where to get this file is i was told not to get it from coreos.com (and i ran into problems trying to do so).
There was a problem hiding this comment.
pullSecretPath: "/home/bparees/git/gocode/src/github.com/openshift/installer/files/config.json"
This is deprecated. Once we get the new installer and #320, you'll be able to use OPENSHIFT_INSTALL_PULL_SECRET="$(cat path/to/your/secret)".
nm, i see it's there (tectonic destroy) |
|
I'm not sure what we're waiting for here. Did I leave any comments unaddressed? |
|
@crawford do the updates look good? |
docs/dev/libvirt-howto.md
Outdated
| FATA[0019] failed to run Terraform: exit status 1 | ||
| ``` | ||
|
|
||
| it is likely that your install configuration contains three backslashes after the protocol (i.e. `qemu+tcp:///...), when it should only be two. |
There was a problem hiding this comment.
Nit, missing a trailing backtick here.
wking
dismissed
crawford’s stale review
All of his requested changes have been addressed.
Since we're instructing to use 192.168.122.1 for the libvirt URI, which is apparently what's used by the clusterapi-controller to talk to libvirt, the firewall has to match, otherwise it looks likt this in the logs: ``` E0924 21:26:08.925983 1 controller.go:115] Error checking existance of machine instance for machine object worker-fdtdg; Failed to build libvirt client: virError(Code=38, Domain=7, Message='unable to connect to server at '192.168.122.1:16509': Connection timed out') ```
|
/lgtm |
openshift-ci-robot
added
lgtm
You're gonna have to go again, fixed another typo |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: steveeJ, wking The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This also improves the general structure a bit to decrease the likelihood of confusion.
Potentially conflicts with doc changes in #296.
Fixes #311.